Vulnerability

bitdefender.com

Have you patched your IoT devices against the KrØØk Wi-Fi chip flaw?

Unpatched IoT gadgets, smartphones, tablets, laptops, Wi-Fi access points and routers with Broadcom chips are all at risk from the KrØØk vulnerability.

Read more in my article on the Bitdefender BOX blog.

bitdefender.com

Over one billion Android devices at risk as they no longer receive security updates

More than one billion Android devices are at risk of being hacked or infected by malware, because they are no longer supported by security updates and built-in protection.

That’s the conclusion of an investigation which found that at-risk smartphones are still being sold, despite the range of malware and other threats to which they are vulnerable.

Read more in my article on the Hot for Security blog.

bitdefender.com

Cathay Pacific slammed for security failures following hack which exposed 9.4 million people worldwide

The UK’s Information Commissioner’s Office (ICO) has fined Cathay Pacific for “a number of basic security inadequacies” which resulted in hackers stealing the data of 9.4 million people worldwide – including 111,578 from the UK.

Read more in my article on the Hot for Security blog.

HackerOne rewards bughunter who found critical security hole in… HackerOne

Vulnerability-reporting platform HackerOne has come clean about a critical security flaw on its own website that could have been used to expose the email addresses of users.

Patch now! Microsoft releases fixes for 99 security flaws, some being actively exploited by hackers

It’s one of the largest Patch Tuesday updates ever issued by Microsoft, and includes fixes for 12 security vulnerabilities that have been given the highest severity rating of “critical.”

The clock is ticking. IT teams should waste no time in readying themselves for a roll-out across the Windows computers for which they’re responsible.

Android users at risk from Bluetooth hijack attack, and are warned of “short distance worm” threat

Hackers could exploit a flaw on unpatched Android 8.0 and 9.0 phones to run malicious code such as a worm, with no user interaction required.

bitdefender.com

How your network could be hacked through a Philips Hue smart bulb

Security researchers have shared some details of vulnerabilities they have found in Philips Hue smart bulbs that could be exploited by hackers to compromise networks remotely.

Read more in my article on the Hot for Security blog.

WhatsApp flaw gave hackers access to files from Windows and Macs

If you run WhatsApp’s desktop client on your Mac or PC then you would be wise to make sure it’s up-to-date, following the revelation that a security researcher uncovered a critical security flaw.

Twitter security hole allowed state-sponsored hackers to match phone numbers to usernames

Twitter admits to a bug that might have put privacy-conscious users at risk – by revealing what phone numbers are associated with which Twitter accounts.

bitdefender.com

$20,000 up for grabs in Xbox Live security hole hunt

Microsoft is inviting gamers, security researchers, and technologists to pit their wits against the Xbox network in the search for security vulnerabilities.

Read more in my article on the Hot for Security blog.

97% of airports showing signs of weak cybersecurity

New research has shone on a light on what appears to be a shocking lack of security at the world’s airports.

Boffins at ImmuniWeb took a look at 100 of the world’s largest airports, and only found three that passed with flying colours for their web and app security.

Win $1.5 million hacking an Android phone

If you can crack the security of the Titan M chip found on the Google Pixel 3, Pixel 3a, and Pixel 4 smartphones, you could be in for a big reward…

Windows 7 definitely won’t ever receive any more bug fixes (errm… apart from this one for its wallpaper)

We definitely definitely absolutely won’t ever ever be releasing any more updates for Windows 7, said Microsoft earlier this month.

Now there’s an update on its way to fix a cosmetic bug in how Windows 7 displays users’ desktop wallpaper…

Microsoft’s Internet Explorer zero-day workaround is breaking printing

Microsoft’s workaround for an unpatched vulnerability that is being exploited in targeted attacks by hackers appears to be causing printer errors.

Trend Micro anti-virus zero-day exploited in attack on Mitsubishi Electric

There is some egg on the face of Trend Micro after it is revealed their anti-virus software was exploited to steal data from Mitsubishi Electric, but they aren’t the real villains of the story.

Webex flaw allowed anyone to join private online meetings – no password required

Cisco, the makers of Webex, had warned users of the online conferencing service that a vulnerability allowed unauthorised remote users to listen in on private online meetings – without having to enter a password.